The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation. Attackers can inject content other than the specified value
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
![]() | CVE-2022-4033 | 29 Nov 202220:25 | – | cvelist |
![]() | CVE-2022-4033 | 29 Nov 202221:15 | – | nvd |
![]() | CVE-2022-4033 | 29 Nov 202220:25 | – | vulnrichment |
![]() | Input validation | 29 Nov 202221:15 | – | prion |
![]() | CVE-2022-4033 | 29 Nov 202221:15 | – | osv |
![]() | Quiz and Survey Master < 8.0.5 - Improper Input Validation | 29 Nov 202200:00 | – | wpvulndb |
![]() | WordPress Quiz and Survey Master plugin input validation error vulnerability | 30 Nov 202200:00 | – | cnvd |
[
{
"vendor": "expresstech",
"product": "Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress",
"versions": [
{
"version": "*",
"status": "affected",
"lessThanOrEqual": "8.0.4",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]
Source | Link |
---|---|
plugins | www.plugins.trac.wordpress.org/changeset |
wordfence | www.wordfence.com/vulnerability-advisories-continued/ |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo